Changes for page How to setup an XWiki docker container
Last modified by Alexandru Pentilescu on 2023/06/25 18:56
From version 47.1
edited by Alexandru Pentilescu
on 2022/06/09 23:25
on 2022/06/09 23:25
Change comment:
There is no comment for this version
To version 53.1
edited by Alexandru Pentilescu
on 2022/06/15 20:02
on 2022/06/15 20:02
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -5,7 +5,7 @@ 5 5 * You have sudo rights on the machine where you're trying to install the XWiki server on 6 6 * This machine already has docker fully installed and properly configured on it. Please perform a test installation of any random image from docker hub to ensure that everything works appropriately 7 7 * You already own and are in control of a domain name for which you wish to make the XWiki server accessible through. This domain name is already pre-configured to point to the server that you wish to install XWiki on. In my particular case, I already have pentilescu.com configured to point to my VPS and, what I wished to accomplish was to have a subdomain via which I could access XWiki. In this particular case, this subdomain was wiki.pentilescu.com. To that end, you must have nginx also configured and running on the same server in the background, to have it redirect connections whose destination is a specific port to a subdomain 8 -* Finally, you must have an SMTP email server running somewhere accessible to the docker instance. XWiki will need to use this server to relay account activation emails as well as password reset emails to its users8 +* Finally, it's recommended (although not mandatory) to have an SMTP email server running somewhere accessible to the docker instance. XWiki will need to use this server to relay account activation emails as well as password reset emails to its users 9 9 10 10 With all of these details in mind, let's begin! 11 11 ... ... @@ -133,7 +133,6 @@ 133 133 134 134 Please replace <database_password> and <mysql_root_password> with randomly generated long strings, preferrably containing a long sequence of lowercase, uppercase letters, digits and symbols. In my case, I chose 12 character long sequences for each of them. It's unlikely for a hacker to compromise your docker environment but it's still best practice to make the passwords as long and hard to guess as possible, as an extra layer of security. 135 135 136 - 137 137 = First run of the container = 138 138 139 139 The first run is always the scariest. Start up the docker image and wait for everything to initialize: ... ... @@ -158,7 +158,7 @@ 158 158 159 159 For the time being, press the "Later" button on the dialog (not the "Never" one!) and then run a "docker-compose down" to stop the container from running. The first test run was a success! Congratulations! 160 160 161 -= Nginx reverse proxy configuration = 160 += [OPTIONAL] Nginx reverse proxy configuration = 162 162 163 163 We assume you already have Nginx installed and properly configured on your machine. Also, we will assume you have an X.509 certificate whose Subject Alt Names includes both your domain name, as well as the subdomain for your wiki (i.e. in my case for pentilescu.com and wiki.pentilescu.com, respectively) and you've configured Nginx to utilize both of them! If this is not the case or you're unsure how to perform these configurations, please check the internal "How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it" guide at the bottom of this page. 164 164 ... ... @@ -292,8 +292,14 @@ 292 292 As such, you, as the administrator, should change these encryption keys to your own, randomly generated ones. To do so, go to <your XWiki directory>/data/xwiki-data/data/ and modify the "xwiki.cfg" configuration file there. This file should have two configuration options called "xwiki.authentication.validationKey" and "xwiki.authentication.encryptionKey". Generate, from scratch, two different 32 character long encryption keys and replace the default ones with your ones. Uppercase and lowercase letters, as well as digits, are allowed. I don't believe other symbols are accepted though. 293 293 Change these and restart the docker container, for the changes to apply. 294 294 294 + 295 +== Make the "xwiki-data" directory accessible to non-root users == 296 + 297 +For whatever reason, my setup generated the "xwiki-data" directory under my XWiki folder as being owned by the root user and under the root group, with permission levels of {{{"rwx------"}}}. If you're not already the root user on that machine, these permission levels are problematic as they will prevent you from cd-ing into it and making necessary configuration changes, nor even backing up that directory for the future. 298 +As such, please remember to "sudo chmode 655 -R xwiki-data/" to make it accessible! If this security configuration is not appropriate for your use cases, you may tweak it to fit your needs! 299 + 295 295 = External references = 296 296 297 297 [[Official docker guide for installing XWiki>>https://github.com/xwiki/xwiki-docker/blob/master/README.md]] 298 -How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it [NOT YET WRITTEN!]303 +[[How to setup an Nginx reverse proxy and also provide a global X.509 certificate for it>>https://wiki.pentilescu.com/bin/view/Guides/How%20to%20setup%20an%20Nginx%20reverse%20proxy%20and%20also%20provide%20a%20global%20X.509%20certificate%20for%20it/]] 299 299 How to setup a postfix SMTP server [NOT YET WRITTEN]